// Licensed to Elasticsearch B.V under one or more agreements.
// Elasticsearch B.V licenses this file to you under the Apache 2.0 License.
// See the LICENSE file in the project root for more information.
//
// ███╗   ██╗ ██████╗ ████████╗██╗ ██████╗███████╗
// ████╗  ██║██╔═══██╗╚══██╔══╝██║██╔════╝██╔════╝
// ██╔██╗ ██║██║   ██║   ██║   ██║██║     █████╗
// ██║╚██╗██║██║   ██║   ██║   ██║██║     ██╔══╝
// ██║ ╚████║╚██████╔╝   ██║   ██║╚██████╗███████╗
// ╚═╝  ╚═══╝ ╚═════╝    ╚═╝   ╚═╝ ╚═════╝╚══════╝
// ------------------------------------------------
//
// This file is automatically generated.
// Please do not edit these files manually.
//
// ------------------------------------------------

#nullable restore

using Elastic.Clients.Elasticsearch.Serverless.Fluent;
using Elastic.Clients.Elasticsearch.Serverless.Requests;
using Elastic.Clients.Elasticsearch.Serverless.Serialization;
using Elastic.Transport;
using Elastic.Transport.Extensions;
using System;
using System.Collections.Generic;
using System.Linq.Expressions;
using System.Text.Json;
using System.Text.Json.Serialization;

namespace Elastic.Clients.Elasticsearch.Serverless.Security;

public sealed partial class UpdateApiKeyRequestParameters : RequestParameters
{
}

/// <summary>
/// <para>
/// Update an API key.
/// Updates attributes of an existing API key.
/// Users can only update API keys that they created or that were granted to them.
/// Use this API to update API keys created by the create API Key or grant API Key APIs.
/// If you need to apply the same update to many API keys, you can use bulk update API Keys to reduce overhead.
/// It’s not possible to update expired API keys, or API keys that have been invalidated by invalidate API Key.
/// This API supports updates to an API key’s access scope and metadata.
/// The access scope of an API key is derived from the <c>role_descriptors</c> you specify in the request, and a snapshot of the owner user’s permissions at the time of the request.
/// The snapshot of the owner’s permissions is updated automatically on every call.
/// If you don’t specify <c>role_descriptors</c> in the request, a call to this API might still change the API key’s access scope.
/// This change can occur if the owner user’s permissions have changed since the API key was created or last modified.
/// To update another user’s API key, use the <c>run_as</c> feature to submit a request on behalf of another user.
/// IMPORTANT: It’s not possible to use an API key as the authentication credential for this API.
/// To update an API key, the owner user’s credentials are required.
/// </para>
/// </summary>
public sealed partial class UpdateApiKeyRequest : PlainRequest<UpdateApiKeyRequestParameters>
{
	public UpdateApiKeyRequest(Elastic.Clients.Elasticsearch.Serverless.Id id) : base(r => r.Required("id", id))
	{
	}

	internal override ApiUrls ApiUrls => ApiUrlLookup.SecurityUpdateApiKey;

	protected override HttpMethod StaticHttpMethod => HttpMethod.PUT;

	internal override bool SupportsBody => true;

	internal override string OperationName => "security.update_api_key";

	/// <summary>
	/// <para>
	/// Expiration time for the API key.
	/// </para>
	/// </summary>
	[JsonInclude, JsonPropertyName("expiration")]
	public Elastic.Clients.Elasticsearch.Serverless.Duration? Expiration { get; set; }

	/// <summary>
	/// <para>
	/// Arbitrary metadata that you want to associate with the API key. It supports nested data structure. Within the metadata object, keys beginning with _ are reserved for system usage.
	/// </para>
	/// </summary>
	[JsonInclude, JsonPropertyName("metadata")]
	public IDictionary<string, object>? Metadata { get; set; }

	/// <summary>
	/// <para>
	/// An array of role descriptors for this API key. This parameter is optional. When it is not specified or is an empty array, then the API key will have a point in time snapshot of permissions of the authenticated user. If you supply role descriptors then the resultant permissions would be an intersection of API keys permissions and authenticated user’s permissions thereby limiting the access scope for API keys. The structure of role descriptor is the same as the request for create role API. For more details, see create or update roles API.
	/// </para>
	/// </summary>
	[JsonInclude, JsonPropertyName("role_descriptors")]
	public IDictionary<string, Elastic.Clients.Elasticsearch.Serverless.Security.RoleDescriptor>? RoleDescriptors { get; set; }
}

/// <summary>
/// <para>
/// Update an API key.
/// Updates attributes of an existing API key.
/// Users can only update API keys that they created or that were granted to them.
/// Use this API to update API keys created by the create API Key or grant API Key APIs.
/// If you need to apply the same update to many API keys, you can use bulk update API Keys to reduce overhead.
/// It’s not possible to update expired API keys, or API keys that have been invalidated by invalidate API Key.
/// This API supports updates to an API key’s access scope and metadata.
/// The access scope of an API key is derived from the <c>role_descriptors</c> you specify in the request, and a snapshot of the owner user’s permissions at the time of the request.
/// The snapshot of the owner’s permissions is updated automatically on every call.
/// If you don’t specify <c>role_descriptors</c> in the request, a call to this API might still change the API key’s access scope.
/// This change can occur if the owner user’s permissions have changed since the API key was created or last modified.
/// To update another user’s API key, use the <c>run_as</c> feature to submit a request on behalf of another user.
/// IMPORTANT: It’s not possible to use an API key as the authentication credential for this API.
/// To update an API key, the owner user’s credentials are required.
/// </para>
/// </summary>
public sealed partial class UpdateApiKeyRequestDescriptor<TDocument> : RequestDescriptor<UpdateApiKeyRequestDescriptor<TDocument>, UpdateApiKeyRequestParameters>
{
	internal UpdateApiKeyRequestDescriptor(Action<UpdateApiKeyRequestDescriptor<TDocument>> configure) => configure.Invoke(this);

	public UpdateApiKeyRequestDescriptor(Elastic.Clients.Elasticsearch.Serverless.Id id) : base(r => r.Required("id", id))
	{
	}

	internal override ApiUrls ApiUrls => ApiUrlLookup.SecurityUpdateApiKey;

	protected override HttpMethod StaticHttpMethod => HttpMethod.PUT;

	internal override bool SupportsBody => true;

	internal override string OperationName => "security.update_api_key";

	public UpdateApiKeyRequestDescriptor<TDocument> Id(Elastic.Clients.Elasticsearch.Serverless.Id id)
	{
		RouteValues.Required("id", id);
		return Self;
	}

	private Elastic.Clients.Elasticsearch.Serverless.Duration? ExpirationValue { get; set; }
	private IDictionary<string, object>? MetadataValue { get; set; }
	private IDictionary<string, Elastic.Clients.Elasticsearch.Serverless.Security.RoleDescriptorDescriptor<TDocument>> RoleDescriptorsValue { get; set; }

	/// <summary>
	/// <para>
	/// Expiration time for the API key.
	/// </para>
	/// </summary>
	public UpdateApiKeyRequestDescriptor<TDocument> Expiration(Elastic.Clients.Elasticsearch.Serverless.Duration? expiration)
	{
		ExpirationValue = expiration;
		return Self;
	}

	/// <summary>
	/// <para>
	/// Arbitrary metadata that you want to associate with the API key. It supports nested data structure. Within the metadata object, keys beginning with _ are reserved for system usage.
	/// </para>
	/// </summary>
	public UpdateApiKeyRequestDescriptor<TDocument> Metadata(Func<FluentDictionary<string, object>, FluentDictionary<string, object>> selector)
	{
		MetadataValue = selector?.Invoke(new FluentDictionary<string, object>());
		return Self;
	}

	/// <summary>
	/// <para>
	/// An array of role descriptors for this API key. This parameter is optional. When it is not specified or is an empty array, then the API key will have a point in time snapshot of permissions of the authenticated user. If you supply role descriptors then the resultant permissions would be an intersection of API keys permissions and authenticated user’s permissions thereby limiting the access scope for API keys. The structure of role descriptor is the same as the request for create role API. For more details, see create or update roles API.
	/// </para>
	/// </summary>
	public UpdateApiKeyRequestDescriptor<TDocument> RoleDescriptors(Func<FluentDescriptorDictionary<string, Elastic.Clients.Elasticsearch.Serverless.Security.RoleDescriptorDescriptor<TDocument>>, FluentDescriptorDictionary<string, Elastic.Clients.Elasticsearch.Serverless.Security.RoleDescriptorDescriptor<TDocument>>> selector)
	{
		RoleDescriptorsValue = selector?.Invoke(new FluentDescriptorDictionary<string, Elastic.Clients.Elasticsearch.Serverless.Security.RoleDescriptorDescriptor<TDocument>>());
		return Self;
	}

	protected override void Serialize(Utf8JsonWriter writer, JsonSerializerOptions options, IElasticsearchClientSettings settings)
	{
		writer.WriteStartObject();
		if (ExpirationValue is not null)
		{
			writer.WritePropertyName("expiration");
			JsonSerializer.Serialize(writer, ExpirationValue, options);
		}

		if (MetadataValue is not null)
		{
			writer.WritePropertyName("metadata");
			JsonSerializer.Serialize(writer, MetadataValue, options);
		}

		if (RoleDescriptorsValue is not null)
		{
			writer.WritePropertyName("role_descriptors");
			JsonSerializer.Serialize(writer, RoleDescriptorsValue, options);
		}

		writer.WriteEndObject();
	}
}

/// <summary>
/// <para>
/// Update an API key.
/// Updates attributes of an existing API key.
/// Users can only update API keys that they created or that were granted to them.
/// Use this API to update API keys created by the create API Key or grant API Key APIs.
/// If you need to apply the same update to many API keys, you can use bulk update API Keys to reduce overhead.
/// It’s not possible to update expired API keys, or API keys that have been invalidated by invalidate API Key.
/// This API supports updates to an API key’s access scope and metadata.
/// The access scope of an API key is derived from the <c>role_descriptors</c> you specify in the request, and a snapshot of the owner user’s permissions at the time of the request.
/// The snapshot of the owner’s permissions is updated automatically on every call.
/// If you don’t specify <c>role_descriptors</c> in the request, a call to this API might still change the API key’s access scope.
/// This change can occur if the owner user’s permissions have changed since the API key was created or last modified.
/// To update another user’s API key, use the <c>run_as</c> feature to submit a request on behalf of another user.
/// IMPORTANT: It’s not possible to use an API key as the authentication credential for this API.
/// To update an API key, the owner user’s credentials are required.
/// </para>
/// </summary>
public sealed partial class UpdateApiKeyRequestDescriptor : RequestDescriptor<UpdateApiKeyRequestDescriptor, UpdateApiKeyRequestParameters>
{
	internal UpdateApiKeyRequestDescriptor(Action<UpdateApiKeyRequestDescriptor> configure) => configure.Invoke(this);

	public UpdateApiKeyRequestDescriptor(Elastic.Clients.Elasticsearch.Serverless.Id id) : base(r => r.Required("id", id))
	{
	}

	internal override ApiUrls ApiUrls => ApiUrlLookup.SecurityUpdateApiKey;

	protected override HttpMethod StaticHttpMethod => HttpMethod.PUT;

	internal override bool SupportsBody => true;

	internal override string OperationName => "security.update_api_key";

	public UpdateApiKeyRequestDescriptor Id(Elastic.Clients.Elasticsearch.Serverless.Id id)
	{
		RouteValues.Required("id", id);
		return Self;
	}

	private Elastic.Clients.Elasticsearch.Serverless.Duration? ExpirationValue { get; set; }
	private IDictionary<string, object>? MetadataValue { get; set; }
	private IDictionary<string, Elastic.Clients.Elasticsearch.Serverless.Security.RoleDescriptorDescriptor> RoleDescriptorsValue { get; set; }

	/// <summary>
	/// <para>
	/// Expiration time for the API key.
	/// </para>
	/// </summary>
	public UpdateApiKeyRequestDescriptor Expiration(Elastic.Clients.Elasticsearch.Serverless.Duration? expiration)
	{
		ExpirationValue = expiration;
		return Self;
	}

	/// <summary>
	/// <para>
	/// Arbitrary metadata that you want to associate with the API key. It supports nested data structure. Within the metadata object, keys beginning with _ are reserved for system usage.
	/// </para>
	/// </summary>
	public UpdateApiKeyRequestDescriptor Metadata(Func<FluentDictionary<string, object>, FluentDictionary<string, object>> selector)
	{
		MetadataValue = selector?.Invoke(new FluentDictionary<string, object>());
		return Self;
	}

	/// <summary>
	/// <para>
	/// An array of role descriptors for this API key. This parameter is optional. When it is not specified or is an empty array, then the API key will have a point in time snapshot of permissions of the authenticated user. If you supply role descriptors then the resultant permissions would be an intersection of API keys permissions and authenticated user’s permissions thereby limiting the access scope for API keys. The structure of role descriptor is the same as the request for create role API. For more details, see create or update roles API.
	/// </para>
	/// </summary>
	public UpdateApiKeyRequestDescriptor RoleDescriptors(Func<FluentDescriptorDictionary<string, Elastic.Clients.Elasticsearch.Serverless.Security.RoleDescriptorDescriptor>, FluentDescriptorDictionary<string, Elastic.Clients.Elasticsearch.Serverless.Security.RoleDescriptorDescriptor>> selector)
	{
		RoleDescriptorsValue = selector?.Invoke(new FluentDescriptorDictionary<string, Elastic.Clients.Elasticsearch.Serverless.Security.RoleDescriptorDescriptor>());
		return Self;
	}

	protected override void Serialize(Utf8JsonWriter writer, JsonSerializerOptions options, IElasticsearchClientSettings settings)
	{
		writer.WriteStartObject();
		if (ExpirationValue is not null)
		{
			writer.WritePropertyName("expiration");
			JsonSerializer.Serialize(writer, ExpirationValue, options);
		}

		if (MetadataValue is not null)
		{
			writer.WritePropertyName("metadata");
			JsonSerializer.Serialize(writer, MetadataValue, options);
		}

		if (RoleDescriptorsValue is not null)
		{
			writer.WritePropertyName("role_descriptors");
			JsonSerializer.Serialize(writer, RoleDescriptorsValue, options);
		}

		writer.WriteEndObject();
	}
}